/**
 * 
 */
package servlet;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import database.SetConn;

import eb.User;

import run.Login;
import run.UserInfo;

/**
 * @author ys
 * 
 */
public class UserInfoServlet extends HttpServlet {
	private static final String CONTENT_TYPE = "text/html;charset=GBK";

	/**
	 * 
	 */
	public UserInfoServlet() {
		// TODO Auto-generated constructor stub
	}

	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {

		response.setContentType(CONTENT_TYPE);
		request.setCharacterEncoding("GBK");
		PrintWriter out = response.getWriter();
		HttpSession session = request.getSession();
		User currentUser = (User) session.getAttribute("UserInfo");

		/*String action = request.getParameter("act");
		if (action == null) {
			action = "edituserinfo";
		}*/
		String action = (String)session.getAttribute("userInfoAction");
		System.out.println("action:"+action);

		if (currentUser == null) {
			out.println("you are not login now"
					+ "<a href=\"javascript:history.back()\">"
					+ "please login. </a>.");
			return;
		} else if (action.equals("edituserinfo")) {
			System.out.println("edituserinfo");
			String realName = request.getParameter("RealName");
			String sex = request.getParameter("Sex");
			String tel = request.getParameter("TelePhone");
			String email = request.getParameter("Email");
			String address = request.getParameter("Address");
			String postcode = request.getParameter("PostCode");
			System.out.println("realName:" + realName);
			System.out.println("sex:" + sex);
			System.out.println("tel:" + tel);
			System.out.println("email:" + email);
			System.out.println("address:" + address);
			System.out.println("postcode:" + postcode);
			
			currentUser.SetRealName(realName);
			currentUser.SetSex(sex);
			currentUser.SetTel(tel);
			currentUser.SetEmail(email);
			currentUser.SetAddress(address);
			currentUser.SetPostcode(postcode);
			UserInfo userInfo = new UserInfo();
			userInfo.updateInfo(currentUser);
			
			System.out.println("username:" + currentUser.GetRealName());
			System.out.println("passwd:" + currentUser.GetPassWord());

			session.setAttribute("UserInfo", currentUser);
//			response.sendRedirect("index.jsp");
			response.sendRedirect("user_info.jsp");
		} else if (action.equals("editpassword")) {
			System.out.println("editpassword");
			String oldPasswd = request.getParameter("OldPassword");
			String newPasswd = request.getParameter("NewPassword");
			String verifyPasswd = request.getParameter("VerifyNewPassword");
			System.out.println("oldPassword:" + oldPasswd);
			System.out.println("newPasswd:" + newPasswd);
			System.out.println("verifyPasswd:" + verifyPasswd);

			SetConn testconn = new SetConn();
			Connection conn = testconn.setupConn();
			String userName = currentUser.GetUserName();
			String sql = "select Password from member where UserName='"
					+ userName + "'";
			ResultSet rs;
			try {
				PreparedStatement queryPs = conn.prepareStatement(sql);
				rs = queryPs.executeQuery();
				String passwd = rs.getString(1);
				if (!passwd.equals(oldPasswd)) {
					out.println("Wrong old password"
							+ "<a href=\"change_password.jsp\">"
							+ "<br>please input again. </a>.");
				} else if (!newPasswd.equals(verifyPasswd)) {
					out
							.println("The new password is not the same as the verify password"
									+ "<a href=\"change_password.jsp\">"
									+ "<br>please input again. </a>.");
				} else {
					currentUser.SetPassWord(newPasswd);
					UserInfo userInfo = new UserInfo();
					userInfo.updatePasswd(currentUser);
					session.setAttribute("UserInfo", currentUser);
//					response.sendRedirect("index.jsp");
					response.sendRedirect("user_info.jsp");
				}
			} catch (SQLException e) {
				e.printStackTrace();
			}

		}
		out.flush();
		out.close();
		return;
	}
}
